/** * Creates a new session. * * @return */ public HttpSessionImpl createNewSession() { HttpSessionImpl session = new HttpSessionImpl(StringUtilities.generateRandom(), System.currentTimeMillis()); session.setServletContext(this); LOGGER.log(Level.FINE, "Created a new session {0}", new Object[]{session.getId()}); return session; }
private boolean isSessionExpired(final HttpSessionImpl session) { return System.currentTimeMillis() - session.getMaxInactiveInterval() * MS_IN_SECOND > session.getLastAccessedTime(); }
/** * {@inheritDoc} */ @Override public void invalidate() throws IllegalStateException { checkInvalidatedSession(); isInvalidated = true; }
@Test public void shouldReturnTheSameValuesByNull() { assertThat(session.getId(), is("123")); session.setLastAccessedTime(3344l); assertThat(session.getLastAccessedTime(), is(3344l)); session.setMaxInactiveInterval(6677); assertThat(session.getMaxInactiveInterval(), is(6677)); ServletContext servletContext = mock(ServletContext.class); session.setServletContext(servletContext); assertThat(session.getServletContext(), is(servletContext)); }
@Test public void shouldRemoveExpiredSession() throws IOException { HttpSessionImpl session = new HttpSessionImpl("123", System.currentTimeMillis()); session.setLastAccessedTime(System.currentTimeMillis() - session.getMaxInactiveInterval() * 1000 - 1); when(sessionStorage.getSession("123")).thenReturn(session); HttpSessionImpl sessionRead = servletContext.getSession("123"); verify(sessionStorage, times(1)).removeSession(session); assertThat(sessionRead, is(nullValue())); }
@Test public void shouldPersistRestoreAndRemoveSession() throws IOException { HttpSessionImpl sessionWrapper = new HttpSessionImpl(VALID_SESSION_ID, System.currentTimeMillis()); sessionWrapper.setAttribute("attributeName", "SomeValue"); fileSessionStorage.persistSession(sessionWrapper); sessionWrapper = fileSessionStorage.getSession(VALID_SESSION_ID); assertThat(sessionWrapper, is(not(nullValue()))); assertThat((String) sessionWrapper.getAttribute("attributeName"), is("SomeValue")); fileSessionStorage.removeSession(sessionWrapper); sessionWrapper = fileSessionStorage.getSession(VALID_SESSION_ID); assertThat(sessionWrapper, is(nullValue())); }
@Test(expected = IOException.class) public void shouldThrowExceptionWhenUnableToCreateFile() throws IOException { String nonExistentDirectory = "/tmp/nonexistent-" + Math.random() + "/"; assertThat(new File(nonExistentDirectory).exists(), is(false)); SessionStorage sessionStorage = new FileSessionStorage(nonExistentDirectory); sessionStorage.persistSession(new HttpSessionImpl(VALID_SESSION_ID, System.currentTimeMillis())); }
@Test public void shouldBeNewIfAccessTimeIsTheSameAsCreationTime() { session.setLastAccessedTime(session.getCreationTime()); assertThat(session.isNew(), is(true)); }
/** * Gets session for the given id. * * @param id * @return */ public HttpSessionImpl getSession(final String id) { HttpSessionImpl session = null; try { session = sessionStorage.getSession(id); if (session != null) { session.setServletContext(this); if (isSessionExpired(session)) { sessionStorage.removeSession(session); LOGGER.log(Level.FINE, "Removed expired session {0}", new Object[]{session.getId()}); session = null; } } } catch (IOException e) { } return session; }
/** * Handles session storage/invalidation, sets session cookies. * * @param session * @param response * @throws IOException */ public void handleSession(final HttpSessionImpl session, final HttpServletResponseImpl response) throws IOException { Cookie cookie = new Cookie(HttpSessionImpl.COOKIE_NAME, ""); if (session.isInvalidated()) { cookie.setMaxAge(MAX_AGE_IN_PAST); sessionStorage.removeSession(session); LOGGER.log(Level.FINE, "Invalidated session {0}", new Object[]{session.getId()}); } else { cookie.setValue(session.getId()); sessionStorage.persistSession(session); } response.addCookie(cookie); }
@Before public void setUp() { session = new HttpSessionImpl("123", System.currentTimeMillis()); session.setAttribute("attribute", "value"); }
@Test(expected = IllegalStateException.class) public void shouldThrowExceptionWhenReadingAccessTimeInvalidatedSession() { session.invalidate(); session.getLastAccessedTime(); }
@Test public void shouldInvalidateSession() { assertThat(session.isInvalidated(), is(false)); session.invalidate(); assertThat(session.isInvalidated(), is(true)); }
@Test public void shouldReturnSessionForValidSID() throws IOException { HttpSessionImpl session = new HttpSessionImpl("123", System.currentTimeMillis()); when(sessionStorage.getSession("123")).thenReturn(session); HttpSessionImpl sessionRead = servletContext.getSession("123"); assertThat(sessionRead, is(not(nullValue()))); assertThat(sessionRead.getServletContext(), is((ServletContext) servletContext)); }
@Test public void shouldEraseCookieAndRemoveForInvalidatedSession() throws IOException { HttpSessionImpl session = new HttpSessionImpl("123", System.currentTimeMillis()); session.invalidate(); servletContext.handleSession(session, response); verify(sessionStorage, times(1)).removeSession(session); assertThat(response.getCookies().size(), is(greaterThan(0))); for (Cookie cookie : response.getCookies()) { if (cookie.getName().equals(HttpSessionImpl.COOKIE_NAME)) { assertThat(cookie.getMaxAge(), lessThan(-1)); return; } } fail("Session DELETE cookie was not set."); }
/** * {@inheritDoc} */ @Override public boolean removeSession(final HttpSessionImpl session) { File file = new File(getSessionStoragePath(session.getId())); return file.delete(); }
/** * {@inheritDoc} */ @Override public HttpSession getSession(final boolean create) { getSessionInstance(); if (session == null && create) { session = servletContext.createNewSession(); } if (session != null) { session.setLastAccessedTime(System.currentTimeMillis()); } return session; }
@Test(expected = IllegalStateException.class) public void shouldThrowExceptionWhenAccessingInvalidatedSession() { session.invalidate(); session.getAttribute("attribute"); }
@Test(expected = IllegalStateException.class) public void shouldThrowExceptionWhenReadingAttributeNamesInvalidatedSession() { session.invalidate(); session.getAttributeNames(); } }
@Test public void shouldGraduallyRemoveAttributeByOverwritingByNull() { assertThat((String) session.getAttribute("attribute"), is("value")); session.setAttribute("attribute", null); assertThat(session.getAttribute("attribute"), is(nullValue())); }